From 6ac3fa08b3db33404696f026d8013816f8053f06b72f697ddbe211e7754e2953 Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Sat, 1 Aug 2009 09:21:55 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/acl?expand=0&rev=12 --- acl-2.2.47.src.tar.bz2 | 3 - acl-2.2.48.src.tar.gz | 3 + ...urn-error-status-on-setfacl-failures.patch | 47 - acl-add-getfacl-r-l-p-tests.patch | 210 ----- ...est-target-and-use-make-to-run-tests.patch | 70 -- ...t-option-support-to-the-acl-commands.patch | 182 ---- acl-fix-setfacl-for-long-utf8-filenames.patch | 63 -- acl-minor-fix-to-cp.test.patch | 24 - acl-move-nfs-tests-to-their-own-folder.patch | 219 ----- acl-move-root-tests-to-their-own-folder.patch | 881 ------------------ acl-various-improvements-for-test-run.patch | 192 ---- acl.changes | 11 + acl.spec | 177 +--- null-pointer-access.diff | 57 -- walk-tree-fix-for-deref.patch | 68 -- 15 files changed, 22 insertions(+), 2185 deletions(-) delete mode 100644 acl-2.2.47.src.tar.bz2 create mode 100644 acl-2.2.48.src.tar.gz delete mode 100644 acl-Return-error-status-on-setfacl-failures.patch delete mode 100644 acl-add-getfacl-r-l-p-tests.patch delete mode 100644 acl-add-make-test-target-and-use-make-to-run-tests.patch delete mode 100644 acl-add-short-option-support-to-the-acl-commands.patch delete mode 100644 acl-fix-setfacl-for-long-utf8-filenames.patch delete mode 100644 acl-minor-fix-to-cp.test.patch delete mode 100644 acl-move-nfs-tests-to-their-own-folder.patch delete mode 100644 acl-move-root-tests-to-their-own-folder.patch delete mode 100644 acl-various-improvements-for-test-run.patch delete mode 100644 null-pointer-access.diff delete mode 100644 walk-tree-fix-for-deref.patch diff --git a/acl-2.2.47.src.tar.bz2 b/acl-2.2.47.src.tar.bz2 deleted file mode 100644 index 663792f..0000000 --- a/acl-2.2.47.src.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:e7113f1a6447476b8f20ede65eaa4179b287be47829b9b820357754c570db880 -size 129813 diff --git a/acl-2.2.48.src.tar.gz b/acl-2.2.48.src.tar.gz new file mode 100644 index 0000000..8f6d626 --- /dev/null +++ b/acl-2.2.48.src.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f29cc6c3453703b9f3be2b5fdc60c4af6dc52f1696eaf7b657dd71948bbce27d +size 361965 diff --git a/acl-Return-error-status-on-setfacl-failures.patch b/acl-Return-error-status-on-setfacl-failures.patch deleted file mode 100644 index 0e2bde2..0000000 --- a/acl-Return-error-status-on-setfacl-failures.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 1c666c65d5a33b17d57e7022fddf7b74d2ca1809 Mon Sep 17 00:00:00 2001 -From: Eric Sandeen -Date: Mon, 9 Feb 2009 00:59:00 +0100 -Subject: [PATCH] acl: Return error status on setfacl failures - -Resolves Red Hat bug: - rh#368451 - setfacl returns 0 even though it fails - -From: Jiri Moskovcak -Signed-off-by: Eric Sandeen -Signed-off-by: Andreas Gruenbacher ---- - setfacl/setfacl.c | 4 +++- - 1 files changed, 3 insertions(+), 1 deletions(-) - -diff --git a/setfacl/setfacl.c b/setfacl/setfacl.c -index 96f6fc4..240a9b5 100644 ---- a/setfacl/setfacl.c -+++ b/setfacl/setfacl.c -@@ -137,7 +137,7 @@ restore( - if (error < 0) - goto fail; - if (error == 0) -- return 0; -+ return status; - - if (path_p == NULL) { - if (filename) { -@@ -151,6 +151,7 @@ restore( - "aborting\n"), - progname, backup_line); - } -+ status = 1; - goto getout; - } - -@@ -169,6 +170,7 @@ restore( - fprintf(stderr, _("%s: %s: %s in line %d\n"), - progname, xquote(filename), strerror(errno), - line); -+ status = 1; - goto getout; - } - --- -1.6.0.2 - diff --git a/acl-add-getfacl-r-l-p-tests.patch b/acl-add-getfacl-r-l-p-tests.patch deleted file mode 100644 index 29440de..0000000 --- a/acl-add-getfacl-r-l-p-tests.patch +++ /dev/null @@ -1,210 +0,0 @@ -From: Brandon Philips -Subject: [PATH] acl: add getfacl -R -L -P tests - -Test fixes to walk_tree.c by Andreas. - -Signed-off-by: Brandon Philips - ---- - test/getfacl-recursive.test | 194 ++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 194 insertions(+) - -Index: acl-2.2.47/test/getfacl-recursive.test -=================================================================== ---- /dev/null -+++ acl-2.2.47/test/getfacl-recursive.test -@@ -0,0 +1,194 @@ -+Tests for proper path recursion -+ -+ $ mkdir -p 1/2/3 -+ $ mkdir 1/link -+ $ touch 1/link/file -+ $ ln -s `pwd`/1/link 1/2/link -+ $ getfacl -P -R 1/2 -+ > # file: 1/2 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/2/3 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ -+ $ getfacl -R 1/2 -+ > # file: 1/2 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/2/3 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ -+ $ getfacl -R -L 1/2 -+ > # file: 1/2 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/2/3 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/2/link -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/2/link/file -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rw- -+ > group::r-- -+ > other::r-- -+ > -+ -+ $ getfacl -P -R 1 -+ > # file: 1 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/2 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/2/3 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/link -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/link/file -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rw- -+ > group::r-- -+ > other::r-- -+ > -+ -+ $ getfacl -R 1 -+ > # file: 1 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/2 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/2/3 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/link -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/link/file -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rw- -+ > group::r-- -+ > other::r-- -+ > -+ -+ $ getfacl -R -L 1 -+ > # file: 1 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/2 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/2/3 -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/2/link -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/2/link/file -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rw- -+ > group::r-- -+ > other::r-- -+ > -+ > # file: 1/link -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rwx -+ > group::r-x -+ > other::r-x -+ > -+ > # file: 1/link/file -+ > # owner: %TUSER -+ > # group: %TGROUP -+ > user::rw- -+ > group::r-- -+ > other::r-- -+ > -+ -+ $ rm -R 1/ diff --git a/acl-add-make-test-target-and-use-make-to-run-tests.patch b/acl-add-make-test-target-and-use-make-to-run-tests.patch deleted file mode 100644 index dda8529..0000000 --- a/acl-add-make-test-target-and-use-make-to-run-tests.patch +++ /dev/null @@ -1,70 +0,0 @@ -From: Brandon Philips -Subject: [PATCH] acl: add make tests target and use make to run tests - -The tests are difficult to run. So, this patch adds a Make target that -sets up the path and runs *.test files in the test/ directory. - -nfs specific tests can be ran from the test directory by running -`make nfs-tests` - -tests requiring root can be ran from the test directory by running -`make root-tests` - -Signed-off-by: Brandon Philips - ---- - Makefile | 4 ++++ - test/Makefile | 27 ++++++++++++++++++++++++--- - 2 files changed, 28 insertions(+), 3 deletions(-) - -Index: acl-2.2.47/test/Makefile -=================================================================== ---- acl-2.2.47.orig/test/Makefile -+++ acl-2.2.47/test/Makefile -@@ -5,10 +5,31 @@ - TOPDIR = .. - include $(TOPDIR)/include/builddefs - --LSRCFILES = run make-tree \ -- cp.test getfacl-noacl.test misc.test nfs-dir.test \ -- nfsacl.test permissions.test setfacl.test -+TESTS = $(wildcard *.test) -+ROOT = $(wildcard root/*.test) -+NFS = $(wildcard nfs/*.test) -+LSRCFILES = run make-tree $(TESTS) $(ROOT) $(NFS) - - include $(BUILDRULES) - - default install install-dev install-lib: -+ -+PATH := $(abspath ../getfacl/):$(abspath ../setfacl/):$(abspath ../chacl/):$(PATH) -+ -+tests: $(TESTS) -+root-tests: $(ROOT) -+nfs-tests: $(NFS) -+ -+$(TESTS): -+ @echo "*** $@ ***"; perl run $@ -+ -+$(NFS): -+ @echo "NFS specific tests"; @echo "*** $@ ***"; perl run $@ -+ -+$(ROOT): -+ @echo "Note: Tests must run as root"; @echo "*** $@ ***"; perl run $@ -+ -+.PHONY: $(TESTS) $(NFS) $(ROOT) -+.NOTPARALLEL: -+ -+ -Index: acl-2.2.47/Makefile -=================================================================== ---- acl-2.2.47.orig/Makefile -+++ acl-2.2.47/Makefile -@@ -65,3 +65,7 @@ install-lib: default - realclean distclean: clean - rm -f $(LDIRT) $(CONFIGURE) - rm -rf autom4te.cache Logs -+ -+.PHONY: tests -+tests: default -+ $(MAKE) -C test/ tests diff --git a/acl-add-short-option-support-to-the-acl-commands.patch b/acl-add-short-option-support-to-the-acl-commands.patch deleted file mode 100644 index f074e72..0000000 --- a/acl-add-short-option-support-to-the-acl-commands.patch +++ /dev/null @@ -1,182 +0,0 @@ -From: Eric Sandeen -Date: Mon, 9 Feb 2009 00:50:51 +0100 -Subject: [PATCH] acl: add short option support to the acl commands - -Resolves Red Hat bugs: - rh#204087 - getfacl/setfacl should support -n - rh#457244 - setfacl does not recognize -v and -h - -Folds in [PATCH] Manpage documents -r instead of -t now - -From: Jiri Moskovcak -Signed-off-by: Eric Sandeen -Signed-off-by: Andreas Gruenbacher ---- - getfacl/getfacl.c | 22 +++++++++++----------- - man/man1/getfacl.1 | 25 ++++++++++++++----------- - man/man1/setfacl.1 | 4 ++-- - setfacl/setfacl.c | 8 ++++---- - 4 files changed, 31 insertions(+), 28 deletions(-) - -Index: acl-2.2.47/getfacl/getfacl.c -=================================================================== ---- acl-2.2.47.orig/getfacl/getfacl.c -+++ acl-2.2.47/getfacl/getfacl.c -@@ -43,7 +43,7 @@ - #define POSIXLY_CORRECT_STR "POSIXLY_CORRECT" - - #if !POSIXLY_CORRECT --# define CMD_LINE_OPTIONS "dRLP" -+# define CMD_LINE_OPTIONS "aceEsRLPtpndvh" - #endif - #define POSIXLY_CMD_LINE_OPTIONS "d" - -@@ -555,23 +555,23 @@ void help(void) - #if !POSIXLY_CORRECT - } else { - printf(_( --" --access display the file access control list only\n" -+" -a, --access display the file access control list only\n" - " -d, --default display the default access control list only\n" --" --omit-header do not display the comment header\n" --" --all-effective print all effective rights\n" --" --no-effective print no effective rights\n" --" --skip-base skip files that only have the base entries\n" -+" -c, --omit-header do not display the comment header\n" -+" -e, --all-effective print all effective rights\n" -+" -E, --no-effective print no effective rights\n" -+" -s, --skip-base skip files that only have the base entries\n" - " -R, --recursive recurse into subdirectories\n" - " -L, --logical logical walk, follow symbolic links\n" - " -P, --physical physical walk, do not follow symbolic links\n" --" --tabular use tabular output format\n" --" --numeric print numeric user/group identifiers\n" --" --absolute-names don't strip leading '/' in pathnames\n")); -+" -t, --tabular use tabular output format\n" -+" -n, --numeric print numeric user/group identifiers\n" -+" -p, --absolute-names don't strip leading '/' in pathnames\n")); - } - #endif - printf(_( --" --version print version and exit\n" --" --help this help text\n")); -+" -v, --version print version and exit\n" -+" -h, --help this help text\n")); - } - - int main(int argc, char *argv[]) -Index: acl-2.2.47/man/man1/getfacl.1 -=================================================================== ---- acl-2.2.47.orig/man/man1/getfacl.1 -+++ acl-2.2.47/man/man1/getfacl.1 -@@ -12,10 +12,10 @@ getfacl \- get file access control lists - .SH SYNOPSIS - - .B getfacl --[\-dRLPvh] file ... -+[\-aceEsRLPtpndvh] file ... - - .B getfacl --[\-dRLPvh] \- -+[\-aceEsRLPtpndvh] \- - - .SH DESCRIPTION - For each file, getfacl displays the file name, owner, the group, -@@ -78,22 +78,22 @@ accessing the file mode. - - .SS OPTIONS - .TP 4 --.I \-\-access -+.I \-a, \-\-access - Display the file access control list. - .TP - .I \-d, \-\-default - Display the default access control list. - .TP --.I \-\-omit-header -+.I \-c, \-\-omit-header - Do not display the comment header (the first three lines of each file's output). - .TP --.I \-\-all-effective -+.I \-e, \-\-all-effective - Print all effective rights comments, even if identical to the rights defined by the ACL entry. - .TP --.I \-\-no-effective -+.I \-E, \-\-no-effective - Do not print effective rights comments. - .TP --.I \-\-skip-base -+.I \-s, \-\-skip-base - Skip files that only have the base ACL entries (owner, group, others). - .TP - .I \-R, \-\-recursive -@@ -109,17 +109,20 @@ Physical walk, do not follow symbolic li - link arguments. - Only effective in combination with \-R. - .TP --.I \-\-tabular -+.I \-t, \-\-tabular - Use an alternative tabular output format. The ACL and the default ACL are displayed side by side. Permissions that are ineffective due to the ACL mask entry are displayed capitalized. The entry tag names for the ACL_USER_OBJ and ACL_GROUP_OBJ entries are also displayed in capital letters, which helps in spotting those entries. - .TP --.I \-\-absolute-names -+.I \-p, \-\-absolute-names - Do not strip leading slash characters (`/'). The default behavior is to - strip leading slash characters. - .TP --.I \-\-version -+.I \-n, \-\-numeric -+List numeric user and group IDs -+.TP -+.I \-v, \-\-version - Print the version of getfacl and exit. - .TP --.I \-\-help -+.I \-h, \-\-help - Print help explaining the command line options. - .TP - .I \-\- -Index: acl-2.2.47/man/man1/setfacl.1 -=================================================================== ---- acl-2.2.47.orig/man/man1/setfacl.1 -+++ acl-2.2.47/man/man1/setfacl.1 -@@ -115,10 +115,10 @@ This also skips symbolic link arguments. - Only effective in combination with \-R. - This option cannot be mixed with `\-\-restore'. - .TP 4 --.I \-\-version -+.I \-v, \-\-version - Print the version of setfacl and exit. - .TP 4 --.I \-\-help -+.I \-h, \-\-help - Print help explaining the command line options. - .TP 4 - .I \-\- -Index: acl-2.2.47/setfacl/setfacl.c -=================================================================== ---- acl-2.2.47.orig/setfacl/setfacl.c -+++ acl-2.2.47/setfacl/setfacl.c -@@ -42,10 +42,10 @@ extern int do_set(const char *path_p, co - - /* '-' stands for `process non-option arguments in loop' */ - #if !POSIXLY_CORRECT --# define CMD_LINE_OPTIONS "-:bkndm:M:x:X:RLP" -+# define CMD_LINE_OPTIONS "-:bkndvhm:M:x:X:RLP" - # define CMD_LINE_SPEC "[-bkndRLP] { -m|-M|-x|-X ... } file ..." - #endif --#define POSIXLY_CMD_LINE_OPTIONS "-:bkndm:M:x:X:" -+#define POSIXLY_CMD_LINE_OPTIONS "-:bkndvhm:M:x:X:" - #define POSIXLY_CMD_LINE_SPEC "[-bknd] {-m|-M|-x|-X ... } file ..." - - struct option long_options[] = { -@@ -265,8 +265,8 @@ void help(void) - } - #endif - printf(_( --" --version print version and exit\n" --" --help this help text\n")); -+" -v, --version print version and exit\n" -+" -h, --help this help text\n")); - } - - diff --git a/acl-fix-setfacl-for-long-utf8-filenames.patch b/acl-fix-setfacl-for-long-utf8-filenames.patch deleted file mode 100644 index 91a0558..0000000 --- a/acl-fix-setfacl-for-long-utf8-filenames.patch +++ /dev/null @@ -1,63 +0,0 @@ -From: Eric Sandeen -Date: Mon, 9 Feb 2009 01:02:38 +0100 -Subject: [PATCH] acl: fix setfacl for long utf8 filenames - -Resolved Red Hat bugs: - rh#183181 - Bad: utf8 long filenames - invalid argument - rh#287701 - PATH_MAX patch seems incomplete - -From: Andrey -From: Thomas Woerner -Signed-off-by: Eric Sandeen -Signed-off-by: Andreas Gruenbacher -Acked-by: Brandon Philips ---- - setfacl/parse.c | 8 +++++++- - test/utf8-filenames.test | 14 ++++++++++++++ - 2 files changed, 21 insertions(+), 1 deletion(-) - -Index: acl-2.2.47/setfacl/parse.c -=================================================================== ---- acl-2.2.47.orig/setfacl/parse.c -+++ acl-2.2.47/setfacl/parse.c -@@ -24,6 +24,7 @@ - #include - #include - #include -+#include - - #include - #include -@@ -412,7 +413,12 @@ read_acl_comments( - gid_t *gid_p) - { - int c; -- char linebuf[1024]; -+ /* -+ Max PATH_MAX bytes even for UTF-8 path names and additional 9 -+ bytes for "# file: ". Not a good solution but for now it is the -+ best I can do without too much impact on the code. [tw] -+ */ -+ char linebuf[(4*PATH_MAX)+9]; - char *cp; - char *p; - int comments_read = 0; -Index: acl-2.2.47/test/utf8-filenames.test -=================================================================== ---- /dev/null -+++ acl-2.2.47/test/utf8-filenames.test -@@ -0,0 +1,14 @@ -++Test the setfacl --restore with utf8 paths. -++Regression test: https://bugzilla.redhat.com/show_bug.cgi?id=183181 -+ -+The utf string UPATH is 250 bytes long and is repeated 4 times to create the -+path that setfacl will use. This size should work on systems with a small 255 -+NAME_MAX. -+ -+ $ export UPATH="官官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話官話話官話官話官話>官話官話話官話官" -+ $ mkdir -p $UPATH/$UPATH/$UPATH -+ $ touch $UPATH/$UPATH/$UPATH/$UPATH -+ $ getfacl $UPATH/$UPATH/$UPATH/$UPATH > utf8-filenames.acl -+ $ setfacl --restore=utf8-filenames.acl -+ $ rm -R $UPATH -+ $ rm utf8-filenames.acl diff --git a/acl-minor-fix-to-cp.test.patch b/acl-minor-fix-to-cp.test.patch deleted file mode 100644 index c35fd72..0000000 --- a/acl-minor-fix-to-cp.test.patch +++ /dev/null @@ -1,24 +0,0 @@ -From: Brandon Philips -Subject: [PATCH] acl: minor fix to cp.test - -X -> x - -Signed-off-by: Brandon Philips - ---- - test/cp.test | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Index: acl-2.2.47/test/cp.test -=================================================================== ---- acl-2.2.47.orig/test/cp.test -+++ acl-2.2.47/test/cp.test -@@ -24,7 +24,7 @@ The cp utility should only copy ACLs if - > blubb - - $ rm -r i -- $ setfacl -R -m u:bin:rwX h -+ $ setfacl -R -m u:bin:rwx h - $ getfacl --omit-header h/x - > user::rw- - > user:bin:rwx diff --git a/acl-move-nfs-tests-to-their-own-folder.patch b/acl-move-nfs-tests-to-their-own-folder.patch deleted file mode 100644 index 2b6239c..0000000 --- a/acl-move-nfs-tests-to-their-own-folder.patch +++ /dev/null @@ -1,219 +0,0 @@ -From: Brandon Philips -Subject: [PATCH] acl: move nfs tests to their own folder - -Since these tests require nfs mounts to run move them into a seperate -folder so they don't run by default. - -Signed-off-by: Brandon Philips - ---- - test/nfs-dir.test | 50 -------------------------------------------------- - test/nfs/nfs-dir.test | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ - test/nfs/nfsacl.test | 42 ++++++++++++++++++++++++++++++++++++++++++ - test/nfsacl.test | 42 ------------------------------------------ - 4 files changed, 92 insertions(+), 92 deletions(-) - -Index: acl-2.2.47/test/nfs-dir.test -=================================================================== ---- acl-2.2.47.orig/test/nfs-dir.test -+++ /dev/null -@@ -1,50 +0,0 @@ --This is a regression test for a bug in 2.4 kernels. The test must be run --as root on a machine that has a loopback mounted NFS export. The mount --must have root squashing enabled. The test must be run in the root of --the nfs mount, and requires the following environment variable: -- --EXPORT_PATH => the path that is mounted at the working directory. -- -- Create a test directory and file. -- -- $ umask 022 -- $ mkdir %{EXPORT_PATH}/test -- $ echo blah > %{EXPORT_PATH}/test/blah -- -- Make sure the file can be accessed before. -- -- $ su bin -- $ cat test/blah -- > blah -- -- Set up a situation that triggers the bug. -- -- $ su -- $ chmod go-rwx %{EXPORT_PATH}/test -- $ setfacl -m u:bin:rx %{EXPORT_PATH}/test -- $ ls -dl %{EXPORT_PATH}/test | awk '{print $1, $3, $4}' -- > drwxr-x---+ root root -- $ getfacl --omit-header %{EXPORT_PATH}/test 2> /dev/null -- > user::rwx -- > user:bin:r-x -- > group::--- -- > mask::r-x -- > other::--- -- > -- -- This should also succeed. With the bug, reading the file would -- fail with "Stale NFS file handle" or "Input/output error". -- -- $ su bin -- $ cat test/blah -- > blah -- $ sleep 3 -- $ cat test/blah -- > blah -- $ cat test/blah -- > blah -- -- Clean up. -- -- $ su -- $ rm -rf %{EXPORT_PATH}/test -Index: acl-2.2.47/test/nfs/nfs-dir.test -=================================================================== ---- /dev/null -+++ acl-2.2.47/test/nfs/nfs-dir.test -@@ -0,0 +1,50 @@ -+This is a regression test for a bug in 2.4 kernels. The test must be run -+as root on a machine that has a loopback mounted NFS export. The mount -+must have root squashing enabled. The test must be run in the root of -+the nfs mount, and requires the following environment variable: -+ -+EXPORT_PATH => the path that is mounted at the working directory. -+ -+ Create a test directory and file. -+ -+ $ umask 022 -+ $ mkdir %{EXPORT_PATH}/test -+ $ echo blah > %{EXPORT_PATH}/test/blah -+ -+ Make sure the file can be accessed before. -+ -+ $ su bin -+ $ cat test/blah -+ > blah -+ -+ Set up a situation that triggers the bug. -+ -+ $ su -+ $ chmod go-rwx %{EXPORT_PATH}/test -+ $ setfacl -m u:bin:rx %{EXPORT_PATH}/test -+ $ ls -dl %{EXPORT_PATH}/test | awk '{print $1, $3, $4}' -+ > drwxr-x---+ root root -+ $ getfacl --omit-header %{EXPORT_PATH}/test 2> /dev/null -+ > user::rwx -+ > user:bin:r-x -+ > group::--- -+ > mask::r-x -+ > other::--- -+ > -+ -+ This should also succeed. With the bug, reading the file would -+ fail with "Stale NFS file handle" or "Input/output error". -+ -+ $ su bin -+ $ cat test/blah -+ > blah -+ $ sleep 3 -+ $ cat test/blah -+ > blah -+ $ cat test/blah -+ > blah -+ -+ Clean up. -+ -+ $ su -+ $ rm -rf %{EXPORT_PATH}/test -Index: acl-2.2.47/test/nfs/nfsacl.test -=================================================================== ---- /dev/null -+++ acl-2.2.47/test/nfs/nfsacl.test -@@ -0,0 +1,42 @@ -+This is a regression test for bugs in the nfsacl protocol extension. -+The test should be run on an NFS export mount with ACL support. -+ -+ Create a test directory and file. -+ -+ $ umask 022 -+ $ mkdir -p test/sub -+ $ echo blah > test/sub/blah -+ -+ $ cp -rp test/sub test/sub2 -+ $ find test/sub2 | sort | xargs ls -dl | awk '{print $1,$8}' -+ > drwxr-xr-x test/sub2 -+ > -rw-r--r-- test/sub2/blah -+ -+ $ rm -rf test/sub2 -+ -+ $ setfacl -m u:daemon:rwx test/sub -+ $ setfacl -dm u:daemon:rwx test/sub -+ $ getfattr -m- test/sub -+ > # file: test/sub -+ > system.posix_acl_access -+ > system.posix_acl_default -+ > -+ -+ $ cp -rp test/sub test/sub2 -+ $ find test/sub2 | sort | xargs ls -dl | awk '{print $1,$8}' -+ > drwxrwxr-x+ test/sub2 -+ > -rw-r--r-- test/sub2/blah -+ -+ $ rm -rf test/sub2 -+ -+ $ setfacl -m u:daemon:rw test/sub/blah -+ $ cp -rp test/sub test/sub2 -+ $ find test/sub2 | sort | xargs ls -dl | awk '{print $1,$8}' -+ > drwxrwxr-x+ test/sub2 -+ > -rw-rw-r--+ test/sub2/blah -+ -+ $ rm -rf test/sub2 -+ -+ Clean up. -+ -+ $ rm -rf test -Index: acl-2.2.47/test/nfsacl.test -=================================================================== ---- acl-2.2.47.orig/test/nfsacl.test -+++ /dev/null -@@ -1,42 +0,0 @@ --This is a regression test for bugs in the nfsacl protocol extension. --The test should be run on an NFS export mount with ACL support. -- -- Create a test directory and file. -- -- $ umask 022 -- $ mkdir -p test/sub -- $ echo blah > test/sub/blah -- -- $ cp -rp test/sub test/sub2 -- $ find test/sub2 | sort | xargs ls -dl | awk '{print $1,$8}' -- > drwxr-xr-x test/sub2 -- > -rw-r--r-- test/sub2/blah -- -- $ rm -rf test/sub2 -- -- $ setfacl -m u:daemon:rwx test/sub -- $ setfacl -dm u:daemon:rwx test/sub -- $ getfattr -m- test/sub -- > # file: test/sub -- > system.posix_acl_access -- > system.posix_acl_default -- > -- -- $ cp -rp test/sub test/sub2 -- $ find test/sub2 | sort | xargs ls -dl | awk '{print $1,$8}' -- > drwxrwxr-x+ test/sub2 -- > -rw-r--r-- test/sub2/blah -- -- $ rm -rf test/sub2 -- -- $ setfacl -m u:daemon:rw test/sub/blah -- $ cp -rp test/sub test/sub2 -- $ find test/sub2 | sort | xargs ls -dl | awk '{print $1,$8}' -- > drwxrwxr-x+ test/sub2 -- > -rw-rw-r--+ test/sub2/blah -- -- $ rm -rf test/sub2 -- -- Clean up. -- -- $ rm -rf test diff --git a/acl-move-root-tests-to-their-own-folder.patch b/acl-move-root-tests-to-their-own-folder.patch deleted file mode 100644 index c7687cb..0000000 --- a/acl-move-root-tests-to-their-own-folder.patch +++ /dev/null @@ -1,881 +0,0 @@ -From: Brandon Philips -Subject: [PATCH] acl: move root tests to their own folder - -Since these tests require root perms to run move them into a seperate -folder so they don't run by default. - -Signed-off-by: Brandon Philips - ---- - test/permissions.test | 279 --------------------------------------------- - test/root/permissions.test | 279 +++++++++++++++++++++++++++++++++++++++++++++ - test/root/setfacl.test | 144 +++++++++++++++++++++++ - test/setfacl.test | 144 ----------------------- - 4 files changed, 423 insertions(+), 423 deletions(-) - -Index: acl-2.2.47/test/permissions.test -=================================================================== ---- acl-2.2.47.orig/test/permissions.test -+++ /dev/null -@@ -1,279 +0,0 @@ --This script tests if file permissions are properly checked with and --without ACLs. The script must be run as root to allow switching users. --The following users are required. They must be a member in the groups --listed in parentheses. -- -- bin (bin) -- daemon (bin, daemon) -- -- --Cry immediately if we are not running as root. -- -- $ id -u -- > 0 -- -- --First, set up a temporary directory and create a regular file with --defined permissions. -- -- $ mkdir d -- $ cd d -- $ umask 027 -- $ touch f -- $ ls -l f | awk -- '{ print $1, $3, $4 }' -- > -rw-r----- root root -- -- --Make sure root has access to the file. Verify that user daemon does not --have access to the file owned by root. -- -- $ echo root > f -- -- $ su daemon -- $ echo daemon >> f -- > f: Permission denied -- -- $ su -- -- --Now, change the ownership of the file to bin:bin and verify that this --gives user bin write access. -- -- $ chown bin:bin f -- $ ls -l f | awk -- '{ print $1, $3, $4 }' -- > -rw-r----- bin bin -- $ su bin -- $ echo bin >> f -- -- --User daemon is a member in the owning group, which has only read access. --Verify this. -- -- $ su daemon -- $ cat f -- > root -- > bin -- -- $ echo daemon >> f -- > f: Permission denied -- -- --Now, add an ACL entry for user daemon that grants him rw- access. File --owners and users capable of CAP_FOWNER are allowed to change ACLs. -- -- $ su bin -- $ setfacl -m u:daemon:rw f -- $ getfacl --omit-header f -- > user::rw- -- > user:daemon:rw- -- > group::r-- -- > mask::rw- -- > other::--- -- > -- -- --Verify that the additional ACL entry grants user daemon write access. -- -- $ su daemon -- $ echo daemon >> f -- $ cat f -- > root -- > bin -- > daemon -- -- --Remove write access from the group class permission bits, and --verify that this masks daemon's write permission. -- -- $ su bin -- $ chmod g-w f -- $ getfacl --omit-header f -- > user::rw- -- > user:daemon:rw- #effective:r-- -- > group::r-- -- > mask::r-- -- > other::--- -- > -- -- $ su daemon -- $ echo daemon >> f -- > f: Permission denied -- -- --Add an entry for group daemon with rw- access, and change the --permissions for user daemon to r--. Also change the others permissions t --rw-. The user entry should take precedence, so daemon should be denied --access. -- -- $ su bin -- $ setfacl -m u:daemon:r,g:daemon:rw-,o::rw- f -- -- $ su daemon -- $ echo daemon >> f -- > f: Permission denied -- -- --Remove the entry for user daemon. The group daemon permissions should --now give user daemon rw- access. -- -- $ su bin -- $ setfacl -x u:daemon f -- -- $ su daemon -- $ echo daemon2 >> f -- $ cat f -- > root -- > bin -- > daemon -- > daemon2 -- -- --Set the group daemon permissions to r-- and verify that after than, user --daemon does not have write access anymore. -- -- $ su bin -- $ setfacl -m g:daemon:r f -- -- $ su daemon -- $ echo daemon3 >> f -- > f: Permission denied -- -- --Now, remove the group daemon entry. Because user daemon is a member in --the owning group, he should still have no write access. -- -- $ su bin -- $ setfacl -x g:daemon f -- -- $ su daemon -- $ echo daemon4 >> f -- > f: Permission denied -- -- --Change the owning group. The other permissions should now grant user --daemon write access. -- -- $ su -- $ chgrp root f -- -- $ su daemon -- $ echo daemon5 >> f -- $ cat f -- > root -- > bin -- > daemon -- > daemon2 -- > daemon5 -- -- --Verify that permissions in separate matching ACL entries do not --accumulate. -- -- $ su -- $ setfacl -m g:bin:r,g:daemon:w f -- -- $ su daemon -- $ : < f # open for reading -- $ : > f # open for writing -- $ : <> f # open for read-write -- > f: Permission denied -- -- --Test if directories can have ACLs. We assume that only one access check --algorithm is used for all file types the file system, so these tests --only need to verify that ACL permissions make a difference. -- -- $ su -- $ mkdir -m 750 e -- $ touch e/h -- -- $ su bin -- $ shopt -s nullglob ; echo e/* -- > -- -- $ echo i > e/i -- > e/i: Permission denied -- -- $ su -- $ setfacl -m u:bin:rx e -- -- $ su bin -- $ echo e/* -- > e/h -- $ echo i > e/i -- > e/i: Permission denied -- -- $ su -- $ setfacl -m u:bin:rwx e -- -- $ su bin -- $ echo i > e/i -- -- --Test if symlinks are properly followed. -- -- $ su -- $ touch g -- $ ln -s g l -- $ setfacl -m u:bin:rw l -- $ ls -l g | awk -- '{ print $1, $3, $4 }' -- > -rw-rw----+ root root -- -- --Test if ACLs are effective for block and character special files, fifos, --sockets. This is done by creating special files locally. The devices do --not need to exist: The access check is earlier in the code path than the --test if the device exists. -- -- -- $ mknod -m 0660 hdt b 91 64 # /dev/hdt -- $ mknod -m 0660 null c 1 3 # /dev/null -- $ mkfifo -m 0660 fifo -- -- $ su bin -- $ : < hdt -- > hdt: Permission denied -- $ : < null -- > null: Permission denied -- $ : < fifo -- > fifo: Permission denied -- -- $ su -- $ setfacl -m u:bin:rw hdt null fifo -- -- $ su bin -- $ : < hdt -- > hdt: No such device or address -- $ : < null -- $ ( echo blah > fifo & ) ; cat fifo -- > blah -- -- --Test if CAP_FOWNER is properly honored for directories. This addresses a --specific bug in XFS 1.2, which does not grant root access to files in --directories if the file has an ACL and only CAP_FOWNER would grant them. -- -- $ su -- $ mkdir -m 600 x -- $ chown daemon:daemon x -- $ echo j > x/j -- $ ls -l x/j | awk -- '{ print $1, $3, $4 }' -- > -rw-r----- root root -- -- $ setfacl -m u:daemon:r x -- -- $ ls -l x/j | awk -- '{ print $1, $3, $4 }' -- > -rw-r----- root root -- (With the bug this gives: `ls: x/j: Permission denied'.) -- -- $ echo k > x/k -- (With the bug this gives: `x/k: Permission denied'.) -- -- $ chmod 750 x -- -- --Clean up. -- -- $ su -- $ cd .. -- $ rm -rf d -Index: acl-2.2.47/test/setfacl.test -=================================================================== ---- acl-2.2.47.orig/test/setfacl.test -+++ /dev/null -@@ -1,144 +0,0 @@ --Setfacl utility tests. Run these tests on a filesystem with ACL support. -- -- $ mkdir d -- $ chown bin:bin d -- $ cd d -- -- $ su bin -- $ sg bin -- $ umask 027 -- $ touch g -- $ ls -dl g | awk '{print $1}' -- > -rw-r----- -- -- $ setfacl -m m:- g -- $ ls -dl g | awk '{print $1}' -- > -rw-------+ -- -- $ getfacl g -- > # file: g -- > # owner: bin -- > # group: bin -- > user::rw- -- > group::r-- #effective:--- -- > mask::--- -- > other::--- -- > -- -- $ setfacl -x m g -- $ getfacl g -- > # file: g -- > # owner: bin -- > # group: bin -- > user::rw- -- > group::r-- -- > other::--- -- > -- -- $ setfacl -m u:daemon:rw g -- $ getfacl g -- > # file: g -- > # owner: bin -- > # group: bin -- > user::rw- -- > user:daemon:rw- -- > group::r-- -- > mask::rw- -- > other::--- -- > -- -- $ setfacl -m u::rwx,g::r-x,o:- g -- $ getfacl g -- > # file: g -- > # owner: bin -- > # group: bin -- > user::rwx -- > user:daemon:rw- -- > group::r-x -- > mask::rwx -- > other::--- -- > -- -- $ setfacl -m u::rwx,g::r-x,o:-,m:- g -- $ getfacl g -- > # file: g -- > # owner: bin -- > # group: bin -- > user::rwx -- > user:daemon:rw- #effective:--- -- > group::r-x #effective:--- -- > mask::--- -- > other::--- -- > -- -- $ setfacl -m u::rwx,g::r-x,o:-,u:root:-,m:- g -- $ getfacl g -- > # file: g -- > # owner: bin -- > # group: bin -- > user::rwx -- > user:root:--- -- > user:daemon:rw- #effective:--- -- > group::r-x #effective:--- -- > mask::--- -- > other::--- -- > -- -- $ setfacl -m u::rwx,g::r-x,o:-,u:root:-,m:- g -- $ getfacl g -- > # file: g -- > # owner: bin -- > # group: bin -- > user::rwx -- > user:root:--- -- > user:daemon:rw- #effective:--- -- > group::r-x #effective:--- -- > mask::--- -- > other::--- -- > -- -- $ setfacl -m u::rwx,g::r-x,o:-,u:root:- g -- $ getfacl g -- > # file: g -- > # owner: bin -- > # group: bin -- > user::rwx -- > user:root:--- -- > user:daemon:rw- -- > group::r-x -- > mask::rwx -- > other::--- -- > -- -- $ setfacl --test -x u: g -- > setfacl: g: Malformed access ACL `user:root:---,user:daemon:rw-,group::r-x,mask::rwx,other::---': Missing or wrong entry at entry 1 -- -- $ setfacl --test -x u:x -- > setfacl: Option -x: Invalid argument near character 3 -- -- $ setfacl -m d:u:root:rwx g -- > setfacl: g: Only directories can have default ACLs -- -- $ setfacl -x m g -- > setfacl: g: Malformed access ACL `user::rwx,user:root:---,user:daemon:rw-,group::r-x,other::---': Missing or wrong entry at entry 5 -- setfacl --test -m d:u:daemon:rwx setfacl -- setfacl --test -n -m d:u:daemon:rwx setfacl -- --Check if the mask is properly recalculated -- -- $ mkdir d -- $ setfacl --test -m u::rwx,u:bin:rwx,g::r-x,o::--- d -- > d: u::rwx,u:bin:rwx,g::r-x,m::rwx,o::---,* -- -- $ setfacl --test -m u::rwx,u:bin:rwx,g::r-x,m::---,o::--- d -- > d: u::rwx,u:bin:rwx,g::r-x,m::---,o::---,* -- -- $ setfacl --test -d -m u::rwx,u:bin:rwx,g::r-x,o::--- d -- > d: *,d:u::rwx,d:u:bin:rwx,d:g::r-x,d:m::rwx,d:o::--- -- -- $ setfacl --test -d -m u::rwx,u:bin:rwx,g::r-x,m::---,o::--- d -- > d: *,d:u::rwx,d:u:bin:rwx,d:g::r-x,d:m::---,d:o::--- -- -- $ su -- $ cd .. -- $ rm -r d -Index: acl-2.2.47/test/root/permissions.test -=================================================================== ---- /dev/null -+++ acl-2.2.47/test/root/permissions.test -@@ -0,0 +1,279 @@ -+This script tests if file permissions are properly checked with and -+without ACLs. The script must be run as root to allow switching users. -+The following users are required. They must be a member in the groups -+listed in parentheses. -+ -+ bin (bin) -+ daemon (bin, daemon) -+ -+ -+Cry immediately if we are not running as root. -+ -+ $ id -u -+ > 0 -+ -+ -+First, set up a temporary directory and create a regular file with -+defined permissions. -+ -+ $ mkdir d -+ $ cd d -+ $ umask 027 -+ $ touch f -+ $ ls -l f | awk -- '{ print $1, $3, $4 }' -+ > -rw-r----- root root -+ -+ -+Make sure root has access to the file. Verify that user daemon does not -+have access to the file owned by root. -+ -+ $ echo root > f -+ -+ $ su daemon -+ $ echo daemon >> f -+ >~ .*f: Permission denied$ -+ -+ $ su -+ -+ -+Now, change the ownership of the file to bin:bin and verify that this -+gives user bin write access. -+ -+ $ chown bin:bin f -+ $ ls -l f | awk -- '{ print $1, $3, $4 }' -+ > -rw-r----- bin bin -+ $ su bin -+ $ echo bin >> f -+ -+ -+User daemon is a member in the owning group, which has only read access. -+Verify this. -+ -+ $ su daemon -+ $ cat f -+ > root -+ > bin -+ -+ $ echo daemon >> f -+ >~ .*f: Permission denied$ -+ -+ -+Now, add an ACL entry for user daemon that grants him rw- access. File -+owners and users capable of CAP_FOWNER are allowed to change ACLs. -+ -+ $ su bin -+ $ setfacl -m u:daemon:rw f -+ $ getfacl --omit-header f -+ > user::rw- -+ > user:daemon:rw- -+ > group::r-- -+ > mask::rw- -+ > other::--- -+ > -+ -+ -+Verify that the additional ACL entry grants user daemon write access. -+ -+ $ su daemon -+ $ echo daemon >> f -+ $ cat f -+ > root -+ > bin -+ > daemon -+ -+ -+Remove write access from the group class permission bits, and -+verify that this masks daemon's write permission. -+ -+ $ su bin -+ $ chmod g-w f -+ $ getfacl --omit-header f -+ > user::rw- -+ > user:daemon:rw- #effective:r-- -+ > group::r-- -+ > mask::r-- -+ > other::--- -+ > -+ -+ $ su daemon -+ $ echo daemon >> f -+ >~ .*f: Permission denied$ -+ -+ -+Add an entry for group daemon with rw- access, and change the -+permissions for user daemon to r--. Also change the others permissions t -+rw-. The user entry should take precedence, so daemon should be denied -+access. -+ -+ $ su bin -+ $ setfacl -m u:daemon:r,g:daemon:rw-,o::rw- f -+ -+ $ su daemon -+ $ echo daemon >> f -+ >~ .*f: Permission denied$ -+ -+ -+Remove the entry for user daemon. The group daemon permissions should -+now give user daemon rw- access. -+ -+ $ su bin -+ $ setfacl -x u:daemon f -+ -+ $ su daemon -+ $ echo daemon2 >> f -+ $ cat f -+ > root -+ > bin -+ > daemon -+ > daemon2 -+ -+ -+Set the group daemon permissions to r-- and verify that after than, user -+daemon does not have write access anymore. -+ -+ $ su bin -+ $ setfacl -m g:daemon:r f -+ -+ $ su daemon -+ $ echo daemon3 >> f -+ >~ .*f: Permission denied$ -+ -+ -+Now, remove the group daemon entry. Because user daemon is a member in -+the owning group, he should still have no write access. -+ -+ $ su bin -+ $ setfacl -x g:daemon f -+ -+ $ su daemon -+ $ echo daemon4 >> f -+ >~ .*f: Permission denied$ -+ -+ -+Change the owning group. The other permissions should now grant user -+daemon write access. -+ -+ $ su -+ $ chgrp root f -+ -+ $ su daemon -+ $ echo daemon5 >> f -+ $ cat f -+ > root -+ > bin -+ > daemon -+ > daemon2 -+ > daemon5 -+ -+ -+Verify that permissions in separate matching ACL entries do not -+accumulate. -+ -+ $ su -+ $ setfacl -m g:bin:r,g:daemon:w f -+ -+ $ su daemon -+ $ : < f -+ $ : > f -+ $ : <> f -+ >~ .*f: Permission denied$ -+ -+ -+Test if directories can have ACLs. We assume that only one access check -+algorithm is used for all file types the file system, so these tests -+only need to verify that ACL permissions make a difference. -+ -+ $ su -+ $ mkdir -m 750 e -+ $ touch e/h -+ -+ $ su bin -+ $ shopt -s nullglob ; echo e/* -+ > -+ -+ $ echo i > e/i -+ >~ .*e/i: Permission denied$ -+ -+ $ su -+ $ setfacl -m u:bin:rx e -+ -+ $ su bin -+ $ echo e/* -+ > e/h -+ $ echo i > e/i -+ >~ .*e/i: Permission denied$ -+ -+ $ su -+ $ setfacl -m u:bin:rwx e -+ -+ $ su bin -+ $ echo i > e/i -+ -+ -+Test if symlinks are properly followed. -+ -+ $ su -+ $ touch g -+ $ ln -s g l -+ $ setfacl -m u:bin:rw l -+ $ ls -l g | awk -- '{ print $1, $3, $4 }' -+ > -rw-rw----+ root root -+ -+ -+Test if ACLs are effective for block and character special files, fifos, -+sockets. This is done by creating special files locally. The devices do -+not need to exist: The access check is earlier in the code path than the -+test if the device exists. -+ -+ -+ $ mknod -m 0660 hdt b 91 64 -+ $ mknod -m 0660 null c 1 3 -+ $ mkfifo -m 0660 fifo -+ -+ $ su bin -+ $ : < hdt -+ >~ .*hdt: Permission denied$ -+ $ : < null -+ >~ .*null: Permission denied$ -+ $ : < fifo -+ >~ .*fifo: Permission denied$ -+ -+ $ su -+ $ setfacl -m u:bin:rw hdt null fifo -+ -+ $ su bin -+ $ : < hdt -+ >~ .*hdt: No such device or address$ -+ $ : < null -+ $ ( echo blah > fifo & ) ; cat fifo -+ > blah -+ -+ -+Test if CAP_FOWNER is properly honored for directories. This addresses a -+specific bug in XFS 1.2, which does not grant root access to files in -+directories if the file has an ACL and only CAP_FOWNER would grant them. -+ -+ $ su -+ $ mkdir -m 600 x -+ $ chown daemon:daemon x -+ $ echo j > x/j -+ $ ls -l x/j | awk -- '{ print $1, $3, $4 }' -+ > -rw-r----- root root -+ -+ $ setfacl -m u:daemon:r x -+ -+ $ ls -l x/j | awk -- '{ print $1, $3, $4 }' -+ > -rw-r----- root root -+ (With the bug this gives: `ls: x/j: Permission denied'.) -+ -+ $ echo k > x/k -+ (With the bug this gives: `x/k: Permission denied'.) -+ -+ $ chmod 750 x -+ -+ -+Clean up. -+ -+ $ su -+ $ cd .. -+ $ rm -rf d -Index: acl-2.2.47/test/root/setfacl.test -=================================================================== ---- /dev/null -+++ acl-2.2.47/test/root/setfacl.test -@@ -0,0 +1,144 @@ -+Setfacl utility tests. Run these tests on a filesystem with ACL support. -+ -+ $ mkdir d -+ $ chown bin:bin d -+ $ cd d -+ -+ $ su bin -+ $ sg bin -+ $ umask 027 -+ $ touch g -+ $ ls -dl g | awk '{print $1}' -+ > -rw-r----- -+ -+ $ setfacl -m m:- g -+ $ ls -dl g | awk '{print $1}' -+ > -rw-------+ -+ -+ $ getfacl g -+ > # file: g -+ > # owner: bin -+ > # group: bin -+ > user::rw- -+ > group::r-- #effective:--- -+ > mask::--- -+ > other::--- -+ > -+ -+ $ setfacl -x m g -+ $ getfacl g -+ > # file: g -+ > # owner: bin -+ > # group: bin -+ > user::rw- -+ > group::r-- -+ > other::--- -+ > -+ -+ $ setfacl -m u:daemon:rw g -+ $ getfacl g -+ > # file: g -+ > # owner: bin -+ > # group: bin -+ > user::rw- -+ > user:daemon:rw- -+ > group::r-- -+ > mask::rw- -+ > other::--- -+ > -+ -+ $ setfacl -m u::rwx,g::r-x,o:- g -+ $ getfacl g -+ > # file: g -+ > # owner: bin -+ > # group: bin -+ > user::rwx -+ > user:daemon:rw- -+ > group::r-x -+ > mask::rwx -+ > other::--- -+ > -+ -+ $ setfacl -m u::rwx,g::r-x,o:-,m:- g -+ $ getfacl g -+ > # file: g -+ > # owner: bin -+ > # group: bin -+ > user::rwx -+ > user:daemon:rw- #effective:--- -+ > group::r-x #effective:--- -+ > mask::--- -+ > other::--- -+ > -+ -+ $ setfacl -m u::rwx,g::r-x,o:-,u:root:-,m:- g -+ $ getfacl g -+ > # file: g -+ > # owner: bin -+ > # group: bin -+ > user::rwx -+ > user:root:--- -+ > user:daemon:rw- #effective:--- -+ > group::r-x #effective:--- -+ > mask::--- -+ > other::--- -+ > -+ -+ $ setfacl -m u::rwx,g::r-x,o:-,u:root:-,m:- g -+ $ getfacl g -+ > # file: g -+ > # owner: bin -+ > # group: bin -+ > user::rwx -+ > user:root:--- -+ > user:daemon:rw- #effective:--- -+ > group::r-x #effective:--- -+ > mask::--- -+ > other::--- -+ > -+ -+ $ setfacl -m u::rwx,g::r-x,o:-,u:root:- g -+ $ getfacl g -+ > # file: g -+ > # owner: bin -+ > # group: bin -+ > user::rwx -+ > user:root:--- -+ > user:daemon:rw- -+ > group::r-x -+ > mask::rwx -+ > other::--- -+ > -+ -+ $ setfacl --test -x u: g -+ > setfacl: g: Malformed access ACL `user:root:---,user:daemon:rw-,group::r-x,mask::rwx,other::---': Missing or wrong entry at entry 1 -+ -+ $ setfacl --test -x u:x -+ > setfacl: Option -x: Invalid argument near character 3 -+ -+ $ setfacl -m d:u:root:rwx g -+ > setfacl: g: Only directories can have default ACLs -+ -+ $ setfacl -x m g -+ > setfacl: g: Malformed access ACL `user::rwx,user:root:---,user:daemon:rw-,group::r-x,other::---': Missing or wrong entry at entry 5 -+ setfacl --test -m d:u:daemon:rwx setfacl -+ setfacl --test -n -m d:u:daemon:rwx setfacl -+ -+Check if the mask is properly recalculated -+ -+ $ mkdir d -+ $ setfacl --test -m u::rwx,u:bin:rwx,g::r-x,o::--- d -+ > d: u::rwx,u:bin:rwx,g::r-x,m::rwx,o::---,* -+ -+ $ setfacl --test -m u::rwx,u:bin:rwx,g::r-x,m::---,o::--- d -+ > d: u::rwx,u:bin:rwx,g::r-x,m::---,o::---,* -+ -+ $ setfacl --test -d -m u::rwx,u:bin:rwx,g::r-x,o::--- d -+ > d: *,d:u::rwx,d:u:bin:rwx,d:g::r-x,d:m::rwx,d:o::--- -+ -+ $ setfacl --test -d -m u::rwx,u:bin:rwx,g::r-x,m::---,o::--- d -+ > d: *,d:u::rwx,d:u:bin:rwx,d:g::r-x,d:m::---,d:o::--- -+ -+ $ su -+ $ cd .. -+ $ rm -r d diff --git a/acl-various-improvements-for-test-run.patch b/acl-various-improvements-for-test-run.patch deleted file mode 100644 index 5da2811..0000000 --- a/acl-various-improvements-for-test-run.patch +++ /dev/null @@ -1,192 +0,0 @@ -From: Andreas Gruenbacher -Subject: [PATCH] acl: various improvements for test/run - -Update the run script with various improvements: - -Avoid a warning: - -main::process_test() called too early to check prototype at ./run line 47. -main::process_test() called too early to check prototype at ./run line 60. - -Create two ENV variables TUSER and TGROUP to get the user/group -running the test. - -Add a >~ test line that is similar to > but is interpreted as a regular -expression. - -Signed-off-by: Brandon Philips -Signed-off-by: Andreas Gruenbacher - ---- - test/run | 90 ++++++++++++++++++++++++++++++++++++++++++++++++++------------- - 1 file changed, 72 insertions(+), 18 deletions(-) - -Index: acl-2.2.47/test/run -=================================================================== ---- acl-2.2.47.orig/test/run -+++ acl-2.2.47/test/run -@@ -1,5 +1,32 @@ - #!/usr/bin/perl -w -U - -+# Copyright (c) 2007, 2008 Andreas Gruenbacher. -+# All rights reserved. -+# -+# Redistribution and use in source and binary forms, with or without -+# modification, are permitted provided that the following conditions -+# are met: -+# 1. Redistributions of source code must retain the above copyright -+# notice, this list of conditions, and the following disclaimer, -+# without modification, immediately at the beginning of the file. -+# 2. The name of the author may not be used to endorse or promote products -+# derived from this software without specific prior written permission. -+# -+# Alternatively, this software may be distributed under the terms of the -+# GNU Public License ("GPL"). -+# -+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR -+# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -+# SUCH DAMAGE. -+ - # - # Possible improvements: - # -@@ -12,12 +39,13 @@ - use strict; - use FileHandle; - use Getopt::Std; --use POSIX qw(isatty setuid); --use vars qw($opt_v); -+use POSIX qw(isatty setuid getcwd); -+use vars qw($opt_l $opt_v); - - no warnings qw(taint); - --getopts('v'); -+$opt_l = ~0; # a really huge number -+getopts('l:v'); - - my ($OK, $FAILED) = ("ok", "failed"); - if (isatty(fileno(STDOUT))) { -@@ -25,18 +53,24 @@ if (isatty(fileno(STDOUT))) { - $FAILED = "\033[31m\033[1m" . $FAILED . "\033[m"; - } - -+$ENV{"TUSER"} = getpwuid($>); -+$ENV{"TGROUP"} = getgrgid($)); -+ - sub exec_test($$); -+sub process_test($$$$); - - my ($prog, $in, $out) = ([], [], []); --my $line_number = 0; --my $prog_line; -+my $prog_line = 0; - my ($tests, $failed) = (0,0); -+my $lineno; -+my $width = ($ENV{COLUMNS} || 80) >> 1; - - for (;;) { -- my $line = <>; $line_number++; -+ my $line = <>; $lineno++; - if (defined $line) { - # Substitute %VAR and %{VAR} with environment variables. -- $line =~ s[%(?:(\w+)|\{(\w+)\})][$ENV{"$1$2"}]eg; -+ $line =~ s[%(\w+)][$ENV{$1}]eg; -+ $line =~ s[%{(\w+)}][$ENV{$1}]eg; - } - if (defined $line) { - if ($line =~ s/^\s*< ?//) { -@@ -45,14 +79,14 @@ for (;;) { - push @$out, $line; - } else { - process_test($prog, $prog_line, $in, $out); -+ last if $prog_line >= $opt_l; - - $prog = []; - $prog_line = 0; - } - if ($line =~ s/^\s*\$ ?//) { -- $line =~ s/\s+#.*//; # remove comments here... - $prog = [ map { s/\\(.)/$1/g; $_ } split /(? @$result) ? @$out : @$result; - for (my $n=0; $n < $nmax; $n++) { -- if (!defined($out->[$n]) || !defined($result->[$n]) || -- $out->[$n] ne $result->[$n]) { -- $good = 0; -- } -+ my $use_re; -+ if (defined $out->[$n] && $out->[$n] =~ /^~ /) { -+ $use_re = 1; -+ $out->[$n] =~ s/^~ //g; -+ } -+ -+ if (!defined($out->[$n]) || !defined($result->[$n]) || -+ (!$use_re && $result->[$n] ne $out->[$n]) || -+ ( $use_re && $result->[$n] !~ /^$out->[$n]/)) { -+ push @good, ($use_re ? '!~' : '!='); -+ } -+ else { -+ push @good, ($use_re ? '=~' : '=='); -+ } - } -+ my $good = !(grep /!/, @good); - $tests++; - $failed++ unless $good; - print $good ? $OK : $FAILED, "\n"; -- if (!$good) { -+ if (!$good || $opt_v) { - for (my $n=0; $n < $nmax; $n++) { - my $l = defined($out->[$n]) ? $out->[$n] : "~"; - chomp $l; - my $r = defined($result->[$n]) ? $result->[$n] : "~"; - chomp $r; -- print sprintf("%-37s %s %-39s\n", $l, $l eq $r ? "|" : "?", $r); -+ print sprintf("%-" . ($width-3) . "s %s %s\n", -+ $r, $good[$n], $l); - } -- } elsif ($opt_v) { -- print join('', @$result); - } - } - -@@ -191,11 +235,21 @@ sub exec_test($$) { - if (!chdir $prog->[1]) { - return [ "chdir: $prog->[1]: $!\n" ]; - } -+ $ENV{PWD} = getcwd; - return []; - } elsif ($prog->[0] eq "su") { - return su($prog->[1]); - } elsif ($prog->[0] eq "sg") { - return sg($prog->[1]); -+ } elsif ($prog->[0] eq "export") { -+ my ($name, $value) = split /=/, $prog->[1]; -+ # FIXME: need to evaluate $value, so that things like this will work: -+ # export dir=$PWD/dir -+ $ENV{$name} = $value; -+ return []; -+ } elsif ($prog->[0] eq "unset") { -+ delete $ENV{$prog->[1]}; -+ return []; - } - - pipe *IN2, *OUT diff --git a/acl.changes b/acl.changes index cdb6ec6..efbf162 100644 --- a/acl.changes +++ b/acl.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Sat Aug 1 04:26:07 CEST 2009 - bphilips@novell.com + +- Version bump to 2.2.48 + - Document the new flags comments + - Include the S_ISUID, S_ISGID, S_ISVTX flags in the getfacl output, and restore them with "setfacl --restore=file". + - Make sure that getfacl -R only calls stat(2) on symlinks when it needs to + - Stop quoting nonprintable characters in the getfacl output + - Avoid unnecessary but destructive chown calls + - Clarify license notice + ------------------------------------------------------------------- Thu Feb 12 23:11:42 PST 2009 - bphilips@novell.com diff --git a/acl.spec b/acl.spec index bf186ea..ffa4583 100644 --- a/acl.spec +++ b/acl.spec @@ -1,5 +1,5 @@ # -# spec file for package acl (Version 2.2.47) +# spec file for package acl (Version 2.2.48) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -23,22 +23,11 @@ BuildRequires: libattr-devel Group: System/Filesystems AutoReqProv: on Summary: Commands for Manipulating POSIX Access Control Lists -Version: 2.2.47 -Release: 31 -Source: %name-%version.src.tar.bz2 +Version: 2.2.48 +Release: 1 +Source: %name-%version.src.tar.gz Patch0: builddefs.in.diff -Patch1: walk-tree-fix-for-deref.patch -Patch2: null-pointer-access.diff -Patch3: acl-add-make-test-target-and-use-make-to-run-tests.patch -Patch4: acl-various-improvements-for-test-run.patch -Patch5: acl-move-root-tests-to-their-own-folder.patch -Patch6: acl-move-nfs-tests-to-their-own-folder.patch -Patch7: acl-minor-fix-to-cp.test.patch -Patch8: acl-add-getfacl-r-l-p-tests.patch -Patch9: acl-fix-setfacl-for-long-utf8-filenames.patch -Patch10: acl-Return-error-status-on-setfacl-failures.patch -Patch11: acl-add-short-option-support-to-the-acl-commands.patch -Url: ftp://oss.sgi.com/projects/xfs/cmd_tars +Url: http://download.savannah.gnu.org/releases-noredirect/acl/ License: GPL v2 or later BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -46,15 +35,13 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-build getfacl and setfacl commands for retrieving and setting POSIX access control lists. - - Authors: -------- Andreas Gruenbacher SGI %package -n libacl -License: GPL v2 or later; LGPL v2.1 or later +License: GPL v2 or later ; LGPL v2.1 or later Summary: A dynamic library for accessing POSIX Access Control Lists Group: System/Libraries # bug437293 @@ -68,15 +55,13 @@ This package contains the libacl.so dynamic library which contains the POSIX 1003.1e draft standard 17 functions for manipulating access control lists. - - Authors: -------- Andreas Gruenbacher SGI %package -n libacl-devel -License: GPL v2 or later; LGPL v2.1 or later +License: GPL v2 or later ; LGPL v2.1 or later Summary: Include Files and Libraries mandatory for Development AutoReqProv: on Group: Development/Libraries/C and C++ @@ -93,8 +78,6 @@ Obsoletes: libacl-devel-64bit This package contains all necessary include files and libraries needed to develop applications that require these. - - Authors: -------- SGI @@ -102,17 +85,6 @@ Authors: %prep %setup -n acl-%version %patch0 -p1 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 -%patch10 -p1 -%patch11 -p1 %build export OPTIMIZER="$RPM_OPT_FLAGS -fPIC" @@ -162,6 +134,7 @@ rm -f $RPM_BUILD_ROOT/%{_lib}/libacl.{a,la,so} %dir %attr(755,root,root) /usr/share/doc/packages/acl %doc %attr(644,root,root) /usr/share/doc/packages/acl/CHANGES.gz %doc %attr(644,root,root) /usr/share/doc/packages/acl/COPYING +%doc %attr(644,root,root) /usr/share/doc/packages/acl/COPYING.LGPL %doc %attr(644,root,root) /usr/share/doc/packages/acl/PORTING %doc %attr(644,root,root) /usr/share/doc/packages/acl/README %doc %attr(644,root,root) %{_mandir}/man1/chacl.1.gz @@ -220,137 +193,3 @@ rm -f $RPM_BUILD_ROOT/%{_lib}/libacl.{a,la,so} /%{_lib}/libacl.so.1* %changelog -* Thu Feb 12 2009 bphilips@novell.com -- fix setfacl for long utf8 filenames (rh#183181) - - Return error status on setfacl failures (rh#368451) - - getfacl/setfacl should support shortcode flags (rh#204087) -* Thu Jan 08 2009 bphilips@novell.com -- Added a number of unit test improvements -* Wed Dec 10 2008 olh@suse.de -- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade - (bnc#437293) -* Tue Nov 11 2008 ro@suse.de -- SLE-11 uses PPC64 instead of PPC, adapt baselibs.conf -* Thu Oct 30 2008 olh@suse.de -- obsolete old -XXbit packages (bnc#437293) -* Fri Jul 11 2008 bphilips@suse.de -- Failure to recursively set/get ACLs on directories (bnc#404075) -- When invoked as ``setfacl -- ...'', setfacl segfaults (bnc#369425). -* Thu Apr 10 2008 ro@suse.de -- added baselibs.conf file to build xxbit packages - for multilib support -* Sat Oct 27 2007 agruen@suse.de -- Don't exhaust the number of file descriptors in the path walking - code, and make sure each directory is only visited once. -* Thu Oct 25 2007 agruen@suse.de -- A large jump to the current upstream version 2.2.45. -- Fix the upstream path walking code. -* Sat Mar 18 2006 agruen@suse.de -- Remove broken file /usr/lib[64]/libacl.la. -* Fri Mar 17 2006 agruen@suse.de -- Fix symlinks in the -devel package (149945, Nathan Scott). -* Wed Jan 25 2006 mls@suse.de -- converted neededforbuild to BuildRequires -* Fri Jan 13 2006 mjancar@suse.cz -- update to 2.2.34 -* Tue Sep 06 2005 coolo@suse.de -- Fixing devel dependencies (the libtool check chokes on the symlinks, - but it still is right) -* Fri Aug 26 2005 agruen@suse.de -- Update to version 2.2.31: Integrate a patch we had separately; - additional stdin error handling in setfacl. -* Fri Aug 19 2005 kukuk@suse.de -- Move devel files from / to /usr -- Don't generate filelist dynamic (fix broken attr statements) -* Mon Apr 25 2005 meissner@suse.de -- Use RPM_OPT_FLAGS. -* Mon Feb 21 2005 agruen@suse.de -- Update to version 2.2.30. Several fixes. -* Thu Nov 11 2004 coolo@suse.de -- use %%find_lang -* Wed Aug 25 2004 agruen@suse.de -- #43472: Fix processing of the X pseudo permission in setfacl: - Must not modify the sequence of commands directly or else only - the first file is processed correctly, and X is not evaluated - for any other file. Add test case for X pseudo permission. -- Remove support for relative permission changes; this - non-standard feature was disabled since a while already. -- Bump version number to 2.2.25. -* Sun Jan 11 2004 adrian@suse.de -- build as user -* Thu Jan 01 2004 agruen@suse.de -- Update to version 2.2.21. Bug fix in directory tree walking - code. -* Tue Oct 21 2003 kukuk@suse.de -- Fix provides for update case -* Thu Aug 28 2003 agruen@suse.de -- Fix a bug with error handling while walking directory trees. -* Wed Aug 27 2003 ro@suse.de -- fix patch depth in specfile -* Tue Aug 26 2003 agruen@suse.de -- Fix SIGSEGV if the quote function. -* Fri Aug 15 2003 agruen@suse.de -- Update to 2.2.15: Includes quoting of special characters in - path and user names, and several minor fixes. (For details see - doc/CHANGES in the tarball). -* Mon Jun 16 2003 ja@suse.cz -- File list fixed. -* Sun Apr 06 2003 agruen@suse.de -- Update to 2.2.7. -* Wed Feb 26 2003 agruen@suse.de -- Update to acl-2.2.3a, which has all our patches plus an - additional malloc bug fix. -* Mon Feb 24 2003 agruen@suse.de -- Increment libattr library version to 1.1.0. -- Add symbol level versioning for libacl. -* Sat Feb 08 2003 agruen@suse.de -- Fix a long standing bug in acl_get_file() for Default ACLs (that - probably was there from hour one), and another critical bug in - the libacl entry pre-allocation patch (introduced on Jan 22). -* Tue Jan 28 2003 agruen@suse.de -- Fix inconsistent declarations for visibility("hidden") attributes - ("config.h" was not always included). -- Fix a signedness warning in getfacl/user_group.c with a type - cast. -* Wed Jan 22 2003 agruen@suse.de -- Update to acl-2.2.2 -- Fix a memory leak in acl_init() -- Add memory pre-allocation support patch for libacl -- Add ACL copying functions patch -- Add visibility(hidden) patch that hides libacl internal functions - from the outside. -- Let mls@suse.de add the following package alias in Autobuild - for building packages against older releases: - libacl-devel -> acl-devel [for <= 8.1] -* Tue Jan 21 2003 agruen@suse.de -- Remove (Prereq: /sbin/ldconfig) tag, and use %%run_ldconfig - in %%post and %%postun instead. -- acl-devel was renamed to libacl-devel: add missing - `Obsoletes: acl-devel' tag to libacl-devel. -* Sun Jan 19 2003 agruen@suse.de -- Fix a typo and add a clarification in the acl.5 manual page. -* Fri Dec 13 2002 schwab@suse.de -- Fix filelist generation. -* Fri Dec 13 2002 jderfina@suse.cz -- upgrading to version 2.1.1 -- spliting acl to acl (binaries), libacl (libraries) and libacl-devel - (development stuff). This spliting follows SGI's release. -* Thu Sep 05 2002 agruen@suse.de -- Update to 2.0.19 + additional corrections (see - acl-2.0.19/doc/CHANGES). -* Thu Aug 15 2002 agruen@suse.de -- Remove the suse_update_config macro and the config.* stuff. - (According to ro@suse.de this is not necessary.) -- Change the documentation path in builddefs.in instead of in - configure.in. -- Update to version 2.0.17 -* Thu Jun 20 2002 uli@suse.de -- fixed for lib64 -* Wed Jun 19 2002 lmuelle@suse.de -- Remove DESTDIR patch, use DIST_ROOT of package instead -- Fix library location in the devel package -- Update to version 2.0.11 -* Tue May 07 2002 sf@suse.de -- moved libs to %%{_lib} (they were in /lib _and_ /usr/lib before) -* Mon Feb 25 2002 ro@suse.de -- initial package (v2.0.0) (split from xfsprogs spec) diff --git a/null-pointer-access.diff b/null-pointer-access.diff deleted file mode 100644 index a3cb09a..0000000 --- a/null-pointer-access.diff +++ /dev/null @@ -1,57 +0,0 @@ -From: Andreas Gruenbacher -Subject: Fix NULL pointer access / segmentation fault - -When invoked as ``setfacl -- ...'', setfacl segfaults. Reported -by Jiri Moskovcak and -Peng Haitao . - -This fix is based on their proposed patch. - -Signed-off-by: Andreas Gruenbacher -Cc: Jiri Moskovcak -Cc: Peng Haitao - -Index: acl-2.2.45/setfacl/setfacl.c -=================================================================== ---- acl-2.2.45.orig/setfacl/setfacl.c -+++ acl-2.2.45/setfacl/setfacl.c -@@ -301,7 +301,7 @@ int main(int argc, char *argv[]) - int which; - int lineno; - int error; -- seq_t seq = NULL; -+ seq_t seq; - int seq_cmd, parse_mode; - - progname = basename(argv[0]); -@@ -326,6 +326,10 @@ int main(int argc, char *argv[]) - bindtextdomain(PACKAGE, LOCALEDIR); - textdomain(PACKAGE); - -+ seq = seq_init(); -+ if (!seq) -+ ERRNO_ERROR(1); -+ - while ((opt = getopt_long(argc, argv, cmd_line_options, - long_options, NULL)) != -1) { - /* we remember the two REMOVE_ACL commands of the set -@@ -334,15 +338,12 @@ int main(int argc, char *argv[]) - cmd_t seq_remove_acl_cmd = NULL; - - if (opt != '\1' && saw_files) { -- if (seq) { -+ if (seq) - seq_free(seq); -- seq = NULL; -- } -- saw_files = 0; -- } -- if (seq == NULL) { -- if (!(seq = seq_init())) -+ seq = seq_init(); -+ if (!seq) - ERRNO_ERROR(1); -+ saw_files = 0; - } - - switch (opt) { diff --git a/walk-tree-fix-for-deref.patch b/walk-tree-fix-for-deref.patch deleted file mode 100644 index 455fe7d..0000000 --- a/walk-tree-fix-for-deref.patch +++ /dev/null @@ -1,68 +0,0 @@ -Subject: acl: Fix WALK_TREE_RECURSIVE for the WALK_TREE_DEREFERENCE case - -getfacl.c calls walk_tree() with WALK_TREE_DEREFERENCE. This causes a stat() -of symlinks which in turn causes S_ISDIR(st.st_mode) to be true on symlinks. - -This causes getfacl -P to return the contents of symlinks... - -e.g. - -$ mkdir -p test/sub -$ mkdir test/link -$ touch test/link/file -$ ln -s `pwd`/test/link test/sub/link -$ getfacl -P -R test/sub - - -# file: test/sub -# owner: philips -# group: users -user::rwx -group::r-x -other::r-x - -# file: test/sub/link/file -# owner: philips -# group: users -user::rw- -group::r-- -other::r-- - -After the fix: - -$ getfacl -R -P test/sub/ -# file: test/sub/ -# owner: philips -# group: users -user::rwx -group::r-x -other::r-x - - -Signed-off-by: Brandon Philips - ---- - libmisc/walk_tree.c | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -Index: acl-2.2.47/libmisc/walk_tree.c -=================================================================== ---- acl-2.2.47.orig/libmisc/walk_tree.c -+++ acl-2.2.47/libmisc/walk_tree.c -@@ -93,8 +93,15 @@ static int walk_tree_rec(const char *pat - have_dir_stat = 1; - } - err = func(path, &st, flags, arg); -+ -+ /* -+ * Recurse if WALK_TREE_RECURSIVE and the path is: -+ * a dir not from a symlink -+ * a link and follow_symlinks -+ */ - if ((flags & WALK_TREE_RECURSIVE) && -- (S_ISDIR(st.st_mode) || (S_ISLNK(st.st_mode) && follow_symlinks))) { -+ (!(flags & WALK_TREE_SYMLINK) && S_ISDIR(st.st_mode)) || -+ ((flags & WALK_TREE_SYMLINK) && follow_symlinks)) { - struct dirent *entry; - - /*